Apple Brings Privacy-Focused Quality-of-Life Improvements for Developers in iOS 17

Jeff Towle VP, Engineering

For the past several years, Apple has led the charge in ushering in a new era of consumer-centric privacy and controls. This year, they are making it easier and faster for developers to comply with policies already in place.

Among these quality-of-life improvements are Privacy Manifests, Required Reason APIs and SDK Signatures. We’ll explore each in this post and why they matter for every app in the App Store, as well as detail Airship’s Day 1 support for these capabilities coming with iOS 17.

Why Now? 
These improvements couldn’t come at a better time as the FTC has indicated its next big area of focus is mobile apps and privacy. Similarly, EU data protection regulators (e.g. France’s CNIL) have started reviewing privacy implications of mobile apps and SDKs early this year with more guidance expected this fall. 

Data privacy regulations around the globe are giving people greater choice about how companies access and use the information they provide, and it all boils down to transparency and gaining clear consumer consent for what data is being collected and how it will be used. This can be challenging for developers as most apps use a variety of third-party SDKs and they may not always know how each one uses data. That, in turn, can impact the accuracy of Apple’s Privacy Nutrition Labels used by consumers to understand an app’s data practices prior to download. 

Beginning this fall, Apple will communicate with app developers if they are using a privacy-impacting SDK that doesn’t include an SDK Signature or Privacy Manifest, or are accessing Required Reason APIs without declaring approved reasons. By spring 2023 these will become mandatory parts of the App Review process. 

What Are Privacy Manifests?
Privacy manifests are a new way in iOS 17 for third-party SDK developers to provide information about their privacy practices to app developers. This manifest provides information about how the SDK collects and uses data, including information about the types of data collected, the purpose of collecting said data, and whether it is used to track the user or is otherwise tied to their identity. 

SDK developers fill out the manifest, and it is provided to the app developers directly in Xcode. Xcode 15 can then aggregate all privacy manifests for an app and produce a privacy report summarizing the declared data uses for that app. This is important information for the app developer, as this report vastly simplifies the process of filling out accurate Privacy Nutrition Labels. 

Apple has not yet published a list of privacy-impacting SDKs required to provide a privacy manifest, but we believe it will become best practice for all SDKs to do so. With Airship’s focus on data privacy, it is important that we make it as easy as possible for our customers to disclose all of their app’s data collection practices to their users. We’ll include our own privacy manifest in SDK 17.3.0 and above.

For apps using an SDK version older than 17.3.0, refer to the Required Reason API usage section of our privacy manifest documentation when creating an Apple privacy manifest. This document covers Airship’s privacy manifest and data collection information as related to Apple’s privacy manifest, plus direct links to related Apple documentation.

Required Reason APIs
Apple also made changes to their list of Required Reason APIs to further protect user privacy. These are considered more sensitive than other APIs, so developers (including third-party SDK developers) are required to accurately describe their usage of these APIs, and may only use the APIs for the reasons described in their privacy manifest. If an app uses a Required Reason API and does not declare an allowed reason in its privacy manifest, the developer will not be able to submit the app to the App Store. Requiring developers to declare the reason why they are using one of these APIs helps Apple ensure they are not being used for harmful purposes such as fingerprinting. There are a variety of approved reasons for using APIs that fall into this category.
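The check below is an added example, not Airship's or Apple's code: it parses a privacy manifest (the `PrivacyInfo.xcprivacy` property list) and lists the Required Reason API categories an app or SDK uses without a declared reason, along with the data types the manifest declares. The sample manifest is constructed for a hypothetical SDK, and the set of categories in use is assumed to come from your own source review.

```python
import plistlib

# Constructed manifest for a hypothetical SDK (not Airship's real manifest).
SAMPLE_MANIFEST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>NSPrivacyCollectedDataTypes</key><array><dict>
    <key>NSPrivacyCollectedDataType</key><string>NSPrivacyCollectedDataTypeDeviceID</string>
    <key>NSPrivacyCollectedDataTypeLinked</key><true/>
    <key>NSPrivacyCollectedDataTypeTracking</key><false/>
  </dict></array>
  <key>NSPrivacyAccessedAPITypes</key><array>
    <dict>
      <key>NSPrivacyAccessedAPIType</key><string>NSPrivacyAccessedAPICategoryUserDefaults</string>
      <key>NSPrivacyAccessedAPITypeReasons</key><array><string>CA92.1</string></array>
    </dict>
    <dict>
      <key>NSPrivacyAccessedAPIType</key><string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
      <key>NSPrivacyAccessedAPITypeReasons</key><array/>
    </dict>
  </array>
</dict></plist>"""

# Assumption: categories the code is known to call, e.g. from a source review.
USED = {"NSPrivacyAccessedAPICategoryUserDefaults",
        "NSPrivacyAccessedAPICategoryFileTimestamp",
        "NSPrivacyAccessedAPICategorySystemBootTime"}

def declared_reasons(manifest_bytes):
    """Map each declared Required Reason API category to its reason codes."""
    out = {}
    for entry in plistlib.loads(manifest_bytes).get("NSPrivacyAccessedAPITypes", []):
        reasons = entry.get("NSPrivacyAccessedAPITypeReasons", [])
        out.setdefault(entry.get("NSPrivacyAccessedAPIType"), set()).update(reasons)
    return out

def undeclared(manifest_bytes, used_categories):
    """Categories in use that are missing from the manifest or list no reason."""
    declared = declared_reasons(manifest_bytes)
    return sorted(c for c in used_categories if not declared.get(c))

def collected_data(manifest_bytes):
    """(data type, linked to identity, used for tracking) per declared data type."""
    types = plistlib.loads(manifest_bytes).get("NSPrivacyCollectedDataTypes", [])
    return [(t["NSPrivacyCollectedDataType"], t["NSPrivacyCollectedDataTypeLinked"],
             t["NSPrivacyCollectedDataTypeTracking"]) for t in types]

if __name__ == "__main__":
    for category in undeclared(SAMPLE_MANIFEST, USED):
        print("no declared reason:", category)
```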

SDK Signatures
Finally, Apple is helping developers improve the integrity of their software supply chain. Airship has added support for Xcode 15’s SDK signatures, which are digital signatures used to verify the authenticity of third-party SDKs. Airship SDK 17.2.2 and above are signed with our Apple developer identity. When an SDK is installed, Xcode verifies the signature of the SDK and confirms the integrity and origin of the code.

SDK signatures can help ensure developers are installing the SDKs they expect, not malicious or tampered-with SDKs.

These are just a few of the privacy-focused quality-of-life improvements Apple is delivering to developers with iOS 17. As always, Airship is here for you every step of the way. Don’t hesitate to reach out to your Account Manager with any questions!